1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Commit Graph

217 Commits

Author SHA1 Message Date
Jeremy Allison
d4307679b9 Change all occurrences of zero_addr(&ss,AF_INET) to
zero_addr(&ss). All current uses were always of the
AF_INET form, so simplify the call. If in the future
we need to zero an addr to AF_INET6 this can be
done separately.
Jeremy.
(This used to be commit 2e92418a13)
2007-10-27 20:29:36 -07:00
Jeremy Allison
f88b7a076b This is a large patch (sorry). Migrate from struct in_addr
to struct sockaddr_storage in most places that matter (ie.
not the nmbd and NetBIOS lookups). This passes make test
on an IPv4 box, but I'll have to do more work/testing on
IPv6 enabled boxes. This should now give us a framework
for testing and finishing the IPv6 migration. It's at
the state where someone with a working IPv6 setup should
(theorecically) be able to type :
smbclient //ipv6-address/share
and have it work.
Jeremy.
(This used to be commit 98e154c312)
2007-10-24 14:16:54 -07:00
Jeremy Allison
9a85533914 Fix the popt / bool issues. Some places we used BOOL
where we meant int. Fix this. Thanks to metze for
pointing this out.
Jeremy.
(This used to be commit 793a9d24a1)
2007-10-19 11:38:36 -07:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3c)
2007-10-18 17:40:25 -07:00
Jeremy Allison
8e54530b52 Add start of IPv6 implementation. Currently most of this is avoiding
IPv6 in winbindd, but moves most of the socket functions that were
wrongly in lib/util.c into lib/util_sock.c and provides generic
IPv4/6 independent versions of most things. Still lots of work
to do, but now I can see how I'll fix the access check code.
Nasty part that remains is the name resolution code which is
used to returning arrays of in_addr structs.
Jeremy.
(This used to be commit 3f6bd0e1ec)
2007-10-10 18:25:16 -07:00
Volker Lendecke
faefb22c61 r24943: Some stackframes
(This used to be commit cddb9f11d5)
2007-10-10 12:30:29 -05:00
Andrew Tridgell
714209baaa r23804: here too
(This used to be commit e5d18768a0)
2007-10-10 12:28:28 -05:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
(This used to be commit b0132e94fc)
2007-10-10 12:28:22 -05:00
Simo Sorce
f622dc8d2f r23782: I tested this against NT4 PDC, W2K Server, W2K3 Dc, and a Win XP std alone
client and they all work with this code.
(This used to be commit 44e22581d7)
2007-10-10 12:28:21 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later.
Jeremy.
(This used to be commit 407e6e695b)
2007-10-10 12:28:20 -05:00
Günther Deschner
7eb828135b r23627: Allow to pass down the lookup-level to rpccli_lsa_lookup_names().
Guenther
(This used to be commit e9a7512a9f)
2007-10-10 12:23:38 -05:00
James Peach
e61f235796 r23009: Both contains a strchr_m(server,'/') few lines after replacing all / with \.
This patch removes this dead code.

Patch from Pascal Terjan <pterjan@mandriva.com> for bug #2313.
(This used to be commit 04b84baef3)
2007-10-10 12:22:14 -05:00
Jelmer Vernooij
4db7642caa r18745: Use the Samba4 data structures for security descriptors and security descriptor
buffers.

Make security access masks simply a uint32 rather than a structure
with a uint32 in it.
(This used to be commit b41c52b9db)
2007-10-10 12:00:54 -05:00
Gerald Carter
2b27c93a9a r18271: Big change:
* autogenerate lsa ndr code
* rename 'enum SID_NAME_USE' to 'enum lsa_SidType'
* merge a log more security descriptor functions from
  gen_ndr/ndr_security.c in SAMBA_4_0

The most embarassing thing is the "#define strlen_m strlen"
We need a real implementation in SAMBA_3_0 which I'll work on
after this code is in.
(This used to be commit 3da9f80c28)
2007-10-10 11:51:18 -05:00
Jeremy Allison
2b8abc030b r16644: Fix bug #3887 reported by jason@ncac.gwu.edu
by converting the lookup_XX functions to correctly
return SID_NAME_TYPE enums.
Jeremy.
(This used to be commit ee2b2d96b6)
2007-10-10 11:19:05 -05:00
Volker Lendecke
3c34f6085a r16409: Fix Klocwork ID's.
1177

In reg_perfcount.c: 1200 1202 1203 1204
In regfio.c: 1243 1245 1246 1247 1251

Jerry, the reg_perfcount and regfio.c ones, can you take a look please? This
is really your code, and I'm not sure I did the right thing to return an
error.

smbcacls.c: 1377
srv_eventlog_nt.c: 1415 1416 1417
srv_lsa_nt.c: 1420 1421
srv_netlog_nt.c: 1429
srv_samr_nt: 1458 1459 1460

Volker

Volker
(This used to be commit d6547d12b1)
2007-10-10 11:18:52 -05:00
Jim McDonough
e0793b1b28 r14278: Remainder of fix for Coverity #79,80,81: only allow GROUP or OWNER to be
specified once in an ACL, so it can be allocated a second time,
overwriting the first
(This used to be commit 1804a8a01e)
2007-10-10 11:15:22 -05:00
Jim McDonough
30e751c56b r14272: Fix Coverity # 81: free alloc'ed storage before returning
(This used to be commit 1899d8ea28)
2007-10-10 11:15:22 -05:00
Gerald Carter
0af1500fc0 r13316: Let the carnage begin....
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed)
2007-10-10 11:06:23 -05:00
Derrell Lipman
9c15bd311d r13212: r12414@cabra: derrell | 2006-01-28 17:52:17 -0500
lp_load() could not be called multiple times to modify parameter settings based
 on reading from multiple configuration settings.  Each time, it initialized all
 of the settings back to their defaults before reading the specified
 configuration file.

 This patch adds a parameter to lp_load() specifying whether the settings should
 be initialized.  It does, however, still force the settings to be initialized
 the first time, even if the request was to not initialize them.  (Not doing so
 could wreak havoc due to uninitialized values.)
(This used to be commit f2a24de769)
2007-10-10 11:06:18 -05:00
Jeremy Allison
c8f28c92a7 r12555: Fix more load_case_table swegfaults. Arggg.
What I'd give for a global constructor...
Jeremy.
(This used to be commit c970d7d0a5)
2007-10-10 11:05:59 -05:00
Jeremy Allison
3a1623c940 r11506: Added description of ACL in usage message.
Jeremy.
(This used to be commit 7795fce24e)
2007-10-10 11:05:18 -05:00
Jeremy Allison
446463e910 r11482: Arrg. Can't believe this code was in this state. If you
don't initialize the mask then setting "special" access
gets set to *random* permissions !
Jeremy.
(This used to be commit f1616911a8)
2007-10-10 11:05:18 -05:00
Jeremy Allison
af3b6bec1f r11464: Allow smbcacls to modify a SD on W2K3. This may fix several
bugzilla bugs - I need to go through and check. I also
need to test against WNT/W2K and WXP.
Jeremy.
(This used to be commit 881dd7dbf6)
2007-10-10 11:05:18 -05:00
Jeremy Allison
a306447aa4 r11460: Improve error messages in parsing security descriptors.
Jeremy.
(This used to be commit 385f128de7)
2007-10-10 11:05:17 -05:00
Gerald Carter
54abd2aa66 r10656: BIG merge from trunk. Features not copied over
* \PIPE\unixinfo
* winbindd's {group,alias}membership new functions
* winbindd's lookupsids() functionality
* swat (trunk changes to be reverted as per discussion with Deryck)
(This used to be commit 939c3cb5d7)
2007-10-10 11:04:48 -05:00
Jeremy Allison
19ca97a70f r7882: Looks like a large patch - but what it actually does is make Samba
safe for using our headers and linking with C++ modules. Stops us
from using C++ reserved keywords in our code.
Jeremy
(This used to be commit 9506b8e145)
2007-10-10 10:58:00 -05:00
Jeremy Allison
acf9d61421 r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f)
2007-10-10 10:53:32 -05:00
Günther Deschner
76a1bcd655 r3918: Allow to set OWNER- and GROUP-entries while setting security descriptors
with smbcacls and using with the -S or -M switch. Fixes #404 and #2076.

Guenther
(This used to be commit 13d32519e3)
2007-10-10 10:53:24 -05:00
Volker Lendecke
84b2403241 r3846: Typo fix. Bug 2055. Lars, I'm available on irc.... :-)
Volker
(This used to be commit 78ab68367d)
2007-10-10 10:53:20 -05:00
Stefan Metzmacher
fe69a5e28d r2348: fix segmention faults
in smbcquotas and smbcacls caused by setup_logging() (-r 1425)

metze
(This used to be commit 39f3f76ea2)
2007-10-10 10:52:40 -05:00
Herb Lewis
8018892b3c r1103: need to leave empty dacl so we can remove last ACE
(This used to be commit d8a545368c)
2007-10-10 10:51:55 -05:00
Jeremy Allison
0551426657 Ensure that dup_sec_desc copies the 'type' field correctly. This caused
me to expose a type arguement to make_sec_desc(). We weren't copying
the SE_DESC_DACL_AUTO_INHERITED flag which could cause errors on
auto inherited checks.
Jeremy.
(This used to be commit 28b315a750)
2003-09-19 21:57:43 +00:00
Tim Potter
0869073b7b Fix bug 342. Short version of --add now -a instead of -A.
(This used to be commit 233568dd6b)
2003-09-01 10:43:21 +00:00
Jeremy Allison
29ca70cd34 Add a command line option (-S on|off|required) to enable signing on client
connections. Overrides smb.conf parameter if set.
Jeremy.
(This used to be commit 879309671d)
2003-07-30 23:49:29 +00:00
Jeremy Allison
98689251bb Fixes from Martin Dorey <mdorey@bluearc.com> to only ask for and change
the requested parts of the ACL.
Jeremy.
(This used to be commit c35a88201c)
2003-06-24 01:09:36 +00:00
Jelmer Vernooij
0914e541f5 Reverse previous patch from Stefan and me after comments by Andrew Bartlett
(This used to be commit d817eaf0ec)
2003-05-10 11:49:51 +00:00
Jelmer Vernooij
c507ebe567 Patch from metze and me that adds dummy smb_register_*() functions so
that is now possible to, for example, load a module which contains
an auth method into a binary without the auth/ subsystem built in.
(This used to be commit 74d9ecfe2d)
2003-05-10 10:53:48 +00:00
Tim Potter
5f82e261c6 Merge:
- Jelmer's latest popt changes
(This used to be commit 6a54d9a0a7)
2003-04-14 03:59:04 +00:00
Jelmer Vernooij
427fb4a281 Use fprintf(f, ...) instead of plain printf() - patch by Ronan Waide
(This used to be commit 890cc17c41)
2003-04-09 14:34:53 +00:00
Andrew Bartlett
d5ee9b2f48 Jeremy merged across my string parinoia fixes, but forgot to enable them! :-)
This patch catches up on the rest of the work - as much string checking
as is possible is done at compile time, and the rest at runtime.

Lots of code converted to pstrcpy() etc, and other code reworked to correctly
call sizeof().

Andrew Bartlett
(This used to be commit c5b604e2ee)
2003-03-18 11:22:52 +00:00
Andrew Bartlett
27b7e51a3c Merge from HEAD:
- fstring/pstring mixups
 - the detection code that found them (disabled)
 - a bit of whitespace
 - a static

Andrew Bartlett
(This used to be commit 9b70fa868e)
2003-01-14 08:53:59 +00:00
Andrew Bartlett
634c54310c Merge from HEAD - make Samba compile with -Wwrite-strings without additional
warnings.  (Adds a lot of const).

Andrew Bartlett
(This used to be commit 3a7458f947)
2003-01-03 08:28:12 +00:00
Jeremy Allison
ef8bd7c4f7 Forward port the change to talloc_init() to make all talloc contexts
named. Ensure we can query them.
Jeremy.
(This used to be commit 09a218a9f6)
2002-12-20 20:21:31 +00:00
Tim Potter
8e5c9b0431 Merge from HEAD:
>Fix fnum leak under error condition in cacl_dump.
(This used to be commit cd11f10e84)
2002-12-20 01:35:21 +00:00
Jeremy Allison
2f194322d4 Removed global_myworkgroup, global_myname, global_myscope. Added liberal
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
(This used to be commit f755711df8)
2002-11-12 23:20:50 +00:00
Jeremy Allison
c53eb2ed54 Added new error codes. Fix up connection code to retry in the same way
that app-head does.
Jeremy.
(This used to be commit ec7953f201)
2002-10-17 17:10:24 +00:00
Gerald Carter
36ef82a529 merge of new client side support the Win2k LSARPC UUID in rpcbind
from APP_HEAD
(This used to be commit 1cfd2ee433)
2002-10-04 04:10:23 +00:00
Jelmer Vernooij
f0255b38bc sync 3.0 branch with HEAD
(This used to be commit 1b83b78e33)
2002-08-17 14:45:04 +00:00
Andrew Tridgell
e90b652848 updated the 3.0 branch from the head branch - ready for alpha18
(This used to be commit 03ac082dcb)
2002-07-15 10:35:28 +00:00
Tim Potter
d9cfe0f3eb Merge of lsa lookup names/sids patch from HEAD.
(This used to be commit e57c162897)
2002-04-15 05:02:22 +00:00
Tim Potter
562f73d581 int -> uint32 fixes from andreas
(This used to be commit 84c811ca57)
2002-02-16 19:46:42 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06)
2002-01-30 06:08:46 +00:00
Andrew Bartlett
ba8c1c6e45 Back out some of the less well thought out ideas from last weeks work on
winbind default domains, particulary now I understand whats going on a lot
better.  This ensures that the RPC client code does as little 'magic' as
possible - this is up to the application/user.  (Where - for to name->sid code
- it was all along).  This leaves the change that allows the sid->name code to
return domains and usernames in seperate paramaters.

Andrew Bartlett
(This used to be commit 5dfba2cf53)
2002-01-26 11:48:42 +00:00
Andrew Bartlett
93a8358910 This patch makes the 'winbind use default domain' code interact better with
smbd, and also makes it much cleaner inside winbindd.

It is mostly my code, with a few changes and testing performed by Alexander
Bokovoy <a.bokovoy@sam-solutions.net>.  ab has tested it in security=domain and
security=ads, but more testing is always appricatiated.

The idea is that we no longer cart around a 'domain\user' string, we keep them
seperate until the last moment - when we push that string into a pwent on onto
the socket.

This removes the need to be constantly parsing that string - the domain prefix
is almost always already provided, (only a couple of functions actually changed
arguments in all this).

Some consequential changes to the RPC client code, to stop it concatonating the
two strings (it now passes them both back as params).

I havn't changed the cache code, however the usernames will no longer have a
double domain prefix in the key string.  The actual structures are unchanged
 - but the meaning of 'username' in the 'rid' will have changed.  (The cache is
invalidated at startup, so on-disk formats are not an issue here).

Andrew Bartlett
(This used to be commit e870f0e727)
2002-01-20 01:24:59 +00:00
Jeremy Allison
dccc1ed3f8 Fixup JF's weird SID return :-).
Jeremy
(This used to be commit 7b8fb8d85c)
2001-12-18 19:44:14 +00:00
Tim Potter
6d9adfe73c Renamed sid field in SEC_ACE to trustee to be more in line with MS's
definitions.
(This used to be commit 9712d3f15a)
2001-11-30 01:04:15 +00:00
Andrew Tridgell
eec9e8a052 fix a bunch of places where we can double-free a cli structure
(This used to be commit e2ba2383c9)
2001-11-28 03:56:30 +00:00
Tim Potter
585d0efbc6 Got medieval on another pointless extern. Removed extern struct ipzero
and replaced with two functions:

	void zero_ip(struct in_adder *ip);
	BOOL is_zero_ip(struct in_addr ip);
(This used to be commit 778f5f77a6)
2001-11-26 03:11:44 +00:00
Tim Potter
79b34d1b11 Removed TimeInit() call from every client program (except for one place
in smbd/process.c where the timezone is reinitialised.  Was replaced with
check for a static is_initialised boolean.
(This used to be commit 8fc772c9e5)
2001-11-23 00:52:29 +00:00
Martin Pool
f741f65673 Store some path names in global variables initialized to configure
default, rather than in preprocessor macros.
(This used to be commit 79ec88f0da)
2001-11-19 02:49:53 +00:00
Simo Sorce
c0ef0e113e move to SAFE_FREE()
(This used to be commit 67db8f03c5)
2001-09-17 11:48:29 +00:00
Andrew Tridgell
b12a4dd9b6 declare dbf in one spot
(This used to be commit f41c3bb80f)
2001-09-10 12:14:18 +00:00
Andrew Tridgell
b30e75692d replaced stdio in many parts of samba with a XFILE. XFILE is a cut-down
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor
limit that we hit with nasty consequences on some systems

I would eventually prefer us to have a configure test to see if we need
to replace stdio, but for now this code needs to be tested widely so
I'm enabling it by default.
(This used to be commit 1af8bf34f1)
2001-09-10 11:08:57 +00:00
Andrew Tridgell
c76dd14040 it now all compiles - so try enabling it by default and see what explodes on the build farm
(This used to be commit 5bb7e4f0f6)
2001-09-04 10:57:29 +00:00
Andrew Tridgell
b031af348c converted another bunch of stuff to NTSTATUS
(This used to be commit 1d36250e33)
2001-08-27 19:46:22 +00:00
Andrew Tridgell
464237cdb8 fixed handling of 139/445 in clients
(This used to be commit 22b372f8a7)
2001-08-24 20:11:09 +00:00
Andrew Tridgell
527e824293 strchr and strrchr are macros when compiling with optimisation in gcc, so we can't redefine them. damn.
(This used to be commit c41fc06376)
2001-07-04 07:36:09 +00:00
Andrew Tridgell
87fbb7092b The big character set handling changeover!
This commit gets rid of all our old codepage handling and replaces it with
iconv. All internal strings in Samba are now in "unix" charset, which may
be multi-byte. See internals.doc and my posting to samba-technical for
a more complete explanation.
(This used to be commit debb471267)
2001-07-04 07:15:53 +00:00
Tim Potter
d972dc06a1 Removed bogus server_n local variable in connect_one() function.
(This used to be commit 69d90a8af1)
2001-07-04 04:04:17 +00:00
Tim Potter
39a265ae20 Added some missing entries to usage().
Added -d option to set debug level.
(This used to be commit 9874df0c22)
2001-06-27 04:43:55 +00:00
Andrew Tridgell
91b8a8d1d2 next_token() was supposed to be a reentrant replacement for strtok(),
but the code suffered from bitrot and is not now reentrant. That means
we can get bizarre behaviour
i've fixed this by making next_token() reentrant and creating a
next_token_nr() that is a small non-reentrant wrapper for those lumps
of code (mostly smbclient) that have come to rely on the non-reentrant
behaviour
(This used to be commit 674ee2f1d1)
2001-06-21 09:10:42 +00:00
Jeremy Allison
6fb063b4d5 Warning fix from Andrew Bartlett.
Jeremy.
(This used to be commit 87f647715d)
2001-06-20 17:49:38 +00:00
Jeremy Allison
c1fbf761ce rpc_server/srv_srvsvc_nt.c: Don't test an uint32 for < 0.
utils/smbcacls.c: Set enum correctly.
Jeremy.
(This used to be commit 66f959e0ff)
2001-06-19 00:44:23 +00:00
Jeremy Allison
f5eab4421c Fixup smbcacls. Don't return memory already freed, don't free memory allocated
with talloc.
Jeremy.
(This used to be commit 0ae0d024f5)
2001-05-01 23:07:30 +00:00
Andrew Tridgell
7e82811d2d fixed some uninitialised variables
(This used to be commit 5d899e51a4)
2001-05-01 04:05:53 +00:00
Gerald Carter
e40449fa72 rpcclient merge from 2.2 (including Jeremy's non-void return fix)
(This used to be commit 0a6ceed279)
2001-04-28 00:32:56 +00:00
Jeremy Allison
2ef68c7e92 Merge of Andrew's changes in 2.2.
Jeremy.
(This used to be commit fc76681812)
2001-04-13 19:12:06 +00:00
Jeremy Allison
3a38f122d9 Added SMB_ prefix to enums that clash with Solaris ACL definitions.
Jeremy.
(This used to be commit 493d2c316a)
2001-04-11 01:34:37 +00:00
Jeremy Allison
6ed9b52862 Ooops - forgot to check the rpcclient and smbcacls compile with the new
code :-(.
Jeremy.
(This used to be commit 70beabf73b)
2001-02-28 01:38:12 +00:00
Andrew Tridgell
7082b61c4b make sure denied aces are first
(This used to be commit b0b49a4b28)
2001-02-23 07:25:49 +00:00
Andrew Tridgell
46807bd187 cast the qsort
(This used to be commit 703d9f5cb3)
2001-02-23 07:21:50 +00:00
Andrew Tridgell
8d070c60fc - fixed the sort_acl bug, sorting now works right
- don't allow setting of duplicate ACEs
- fixed a ACE delete bug
(This used to be commit 61293979ce)
2001-02-23 07:20:11 +00:00
Andrew Tridgell
b4096748dd don't crash on null acl sort
(This used to be commit 5934137741)
2001-02-22 06:35:54 +00:00
Andrew Tridgell
4e1de143b3 - workaround filer lsa lookup bug for unknown sids
- add \ at start of name if not needed (another filer workaround)
(This used to be commit 48ab6297a1)
2001-02-22 06:22:20 +00:00
Andrew Tridgell
9ccbc1de06 cope with filer/NT/samba all in one binary. yeah.
we now don't open rw for acls
(This used to be commit c0f57c3fe6)
2001-02-22 03:40:01 +00:00
Andrew Tridgell
6cb19fbd3a don't need _uni hack now
(This used to be commit f191271986)
2001-02-20 23:53:06 +00:00
Tim Potter
a699e9b572 Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED for lsa_open_policy()
but NT sends 0x2000000 so we might as well do it too.
(This used to be commit 394e17645b)
2001-01-23 17:33:35 +00:00
Tim Potter
1459f1022c Return appropriate exit codes for various situations:
0 for success
    1 if operation failed
    2 command line parse error
(This used to be commit b4773618ac)
2000-12-21 23:36:25 +00:00
Tim Potter
ca727bd638 Don't call string_to_sid after cli_lsa_lookup_names() fails.
Can't use space as a ACL separator as it breaks NT user/group names that
contain spaces (i.e most of the default ones).

The MSDN is contradictory over the exact ordering of ACE entries in an ACL.
However NT4 gives a "The information may have been modified by a computer
running Windows NT 5.0" if denied ACEs do not appear before allowed ACEs.
Sort ACE list before calling cli_set_secdesc().
(This used to be commit 01a89978ff)
2000-12-21 06:21:26 +00:00
Tim Potter
855bcea38e Some systems seem to only accept a ntcreate&x with a unicode filename
despite samba negotiating ascii filenames.  Retry with unicode pathnames
if the ascii version fails.

Convert all forward slashes to backslashes in the filename argument.
(This used to be commit 935b77573e)
2000-12-21 05:28:39 +00:00
Tim Potter
d15bef816d Cleaned up SidToString() and StringToSid() exit paths.
Can now use user%password format in $USER environment variable.  -U option
is now optional.
(This used to be commit e21f2ef4fb)
2000-12-21 00:12:59 +00:00
Jeremy Allison
8325948287 Added -C username and -G username that allow a user (usually Administrator)
to change the ownership or group ownership of a file to any arbitrary user
from the UNIX command line.
This will show the people who quote NT manuals at us about how this is
"impossible" how their operating system really works :-).
Jeremy.
(This used to be commit 12f88c9ba7)
2000-12-16 00:08:05 +00:00
Jeremy Allison
369f5fd1d7 Fixed memory leaks in lsa_XX calls. Fixed memory leaks in smbcacls. Merged
in fixes from appliance-head and 2.2. Fixed multiple connection.tdb open
problem.
Jeremy.
(This used to be commit 0a40bc83e1)
2000-12-15 01:02:11 +00:00
Tim Potter
624431c98b Renamed parameters and variables called acl to the_acl as it conflicts
with a Solaris system call.
(This used to be commit 5e547ddcb5)
2000-12-14 05:38:05 +00:00
Tim Potter
237e74730c Cache lsa connection and policy handle for resolving names and sids.
(This used to be commit 09d2d972fd)
2000-12-14 03:27:53 +00:00
Tim Potter
56ee3e2e2f Convert names to sids when modifying ACLs. Convert sids to names when
displaying ACLs.
(This used to be commit 5001bbc64b)
2000-12-13 12:53:42 +00:00
Tim Potter
76dca9c1fb Don't print out the security descriptor type as it is automatically
calculated by the new make_sec_desc() function.
(This used to be commit 6fd5dc8145)
2000-12-12 06:14:01 +00:00
Tim Potter
cbddae005f Better error checking for ACL parsing.
Print an error when attempting to delete a non-existent ACL.
(This used to be commit d119782d0d)
2000-12-12 06:06:10 +00:00
Tim Potter
34402b75b5 Added undocumented -t command for testing parsing of acl entries.
Print out hex value for ace mask if we can't decode it.

We can now parse FULL,CHANGE,READ as well as combos of RWXDPO as ace mask
values.

Clarified usage message.

Bomb out if excess args are given.
(This used to be commit ed5bda119a)
2000-12-07 06:05:57 +00:00
Andrew Tridgell
3eee7625b1 added a comment
(This used to be commit 032442802f)
2000-12-04 07:38:06 +00:00
Andrew Tridgell
723c9b87e7 fixed the parsing again and got setting acls working with w2k
(This used to be commit 374d08be64)
2000-12-04 07:27:35 +00:00
Tim Potter
54100bac69 Added some cli_errstr() calls.
(This used to be commit faaa71a032)
2000-12-04 06:46:52 +00:00
Tim Potter
92abcbc040 Removed lsa lookup warnings (I'll remember).
Print an error if -M refers to a non-existent ACL.
(This used to be commit ee6f5a9672)
2000-12-04 06:43:36 +00:00
Andrew Tridgell
3d43b2db28 fixed setting ACLs on directories
(This used to be commit 117956ecb1)
2000-12-04 06:39:31 +00:00
Tim Potter
252e3ba128 Mask value now displayed as READ/CHANGE/FULL for standard permissions, or
RWXDPO for special permissions.

Append 0x to values printed as hex.

Spruced up the help message.
(This used to be commit 8a20318c56)
2000-12-04 06:14:28 +00:00
Andrew Tridgell
5092ad82ba removed SACL support (as it doesn't work with w2k if you ask for
SACLs)
(This used to be commit 52b27d75e1)
2000-12-04 04:58:40 +00:00
Andrew Tridgell
576a106d03 signed/unsigned warning fixed
(This used to be commit 71adecd163)
2000-12-04 03:27:02 +00:00
Andrew Tridgell
6399b62175 fixed acls set bug
(This used to be commit 44524958ed)
2000-12-04 02:01:57 +00:00
Andrew Tridgell
0884d6ab52 fixed SACL bug
(This used to be commit 077ee4a7ac)
2000-12-04 00:35:31 +00:00
Andrew Tridgell
a4c11729b2 - with -D only delete first match
- fixed delete bug
(This used to be commit 1e0d5f0695)
2000-12-04 00:33:08 +00:00
Andrew Tridgell
0cb1c512f1 - added help
- added add/modify/delete/set as separate operations
(This used to be commit cb324b53c6)
2000-12-03 12:41:28 +00:00
Andrew Tridgell
dc3251b460 cleaner parsing and default handling
(This used to be commit f8dbd2b799)
2000-12-03 11:05:11 +00:00
Andrew Tridgell
3b22b74f9d - better parsing
- started to add non-numeric support
(This used to be commit fd4c03aef6)
2000-12-03 08:35:11 +00:00
Andrew Tridgell
4fee254d67 getting/setting acls now works. The SIDs are still numeric, the next
step is to support usernames etc
(This used to be commit 6cea1647fc)
2000-12-03 07:36:15 +00:00
Andrew Tridgell
c93f686f01 added basic ability to dump remote file acls
(This used to be commit c6c90dc8e1)
2000-12-03 05:24:16 +00:00
Andrew Tridgell
83bd929883 a prootype program for querying/setting a security decsriptor on a
remote machine

it is by no means complete, expect more commits soon
(This used to be commit f2f9859b70)
2000-12-03 02:19:27 +00:00